Exploration Systems Development (ESD) approach to Enterprise Risk Management 


The National Aeronautics and Space Administration (NASA) Exploration Systems Development 
(ESD) Division has implemented an innovative approach to Enterprise Risk Management under 
a unique governance structure and streamlined integration model. ESD’s mission is to design 
and build the capability to extend human existence to deep space. The Enterprise consists of 
three Programs: Space Launch System (SLS), Orion, and Ground Systems Development and 
Operations (GSDO). The SLS is a rocket and launch system that will be capable of powering 
humans, habitats, and support systems to deep space. Orion will be the first spacecraft in 
history capable of taking humans to multiple destinations within deep space. GSDO is 
modernizing Kennedy's spaceport to launch spacecraft built and designed by both NASA and 
private industry. 

ESD’s approach to Enterprise Risk Management is commensurate with affordability and a 
streamlined management philosophy. ESD Enterprise Risk Management leverages off of the 
primary mechanisms for integration within the Enterprise. The Enterprise integration approach 
emphasizes delegation of authority to manage and execute the majority of cross-program 
activities and products to the individual Programs, while maintaining the overall responsibility for 
all cross-program activities at the Division. The intent of the ESD Enterprise Risk Management 
approach is to improve risk communication, to avoid replication and/or contradictory strategies, 
and to minimize overhead process burden. This is accomplished by the facilitation and 
integration of risk information within ESD. The ESD Division risks, Orion risks, SLS risks, and 
GSDO risks are owned and managed by the applicable Program. When the Programs have 
shared risks with multiple consequences, they are jointly owned and managed. When a risk is 
associated with the integrated system that involves more than one Program in condition, 
consequence, or mitigation plan, it is considered an Exploration Systems Integration (ESI) Risk. 
An ESI risk may require visibility and risk handling by multiple organizations. 

The Integrated Risk Working Group (IRWG) is a small team of Risk experts that are responsible 
for collaborating and communicating best practices. In addition, the forum facilitates proper 
integration of risks across the Enterprise. The IRWG uses a Continuous Risk Management 
approach for facilitating the identification, analysis, planning, tracking, and controlling of ESI 
Risks. The ESD Division, Programs, and Integrated Task Teams identify ESI Risks. The IRWG 
maintains a set of metrics for understanding Enterprise Risk process and the overall Risk 
Posture. The team is also actively involved in the modeling of risk for Enterprise Performance 
Management. 

With the Enterprise being constrained in Schedule and Budget, and with significant technical 
complexity, the appropriate use of Risk Management techniques is crucial to the success of the 
Enterprise. The IRWG achieves this through the modified approach, providing a forum for 
collaboration on risks that cross boundaries between the separate entities. 



